Texas comptroller apologizes for personal-data leak

PATRICIA KILDAY HART, AUSTIN BUREAU |
April 28, 2011

Taking "full responsibility" for the inadvertent online exposure of the personal information of 3.5 million Texans, Comptroller Susan Combs on Thursday said her agency would pay for free credit monitoring and Internet surveillance to those affected, and her campaign fund would provide identity restoration services for anyone whose personal information is misused.

"I am deeply sorry this incident occurred and I take full responsibility for it," Combs said. "This incident has affected the lives of Texans that I have dedicated my life to serving and I am determined to restore their faith in the Comptroller's Office."

While her office's initial explanation for the incident blamed three other state agencies for failing to send encrypted filed, on Thursday, Combs called the finger-pointing "irrelevant."

"We had the last clear chance to make it right and we didn't," she said.

Defends hiring

She also defended her office's hiring of two campaign contributors as consultants to review her office's Internet security, saying state procurement policies limited her choice of technology firms who could immediately begin work on the project.

Because "speed was important," she said she hired Deloitte Consulting and Gartner, Inc., rather than going through the competitive bidding process, because those firms already had contracts with the state.

She declined to comment on a court filing this week in Austin by attorneys who are seeking to take her deposition to get to the bottom of what they called the "most massive and far-reaching invasion of privacy in the history of Texas."

Those lawyers called on Combs to resign, saying she should take responsibility for her office's role in the incident.

On March 31, her office discovered the information had been left unprotected on an Internet server for more than a year. She said her employees moved the computer files and began work on notifying affected individuals.

Last week, Combs announced she had negotiated a discount for individuals who wanted to sign up for a credit monitoring service. People who took advantage of that offer can end their agreements and take advantage of the free monitoring service, she said Thursday.

Combs fired four employees after the security breach. She said Thursday she has created a new Chief Privacy Officer to enhance the protection of private information.